exit(1);
}
-require_once INSTALLDIR . '/lib/apibareauth.php';
-
/**
* Returns the most recent notices (default 20) posted by the authenticating
* user. Another user's timeline can be requested via the id parameter. This
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
-
class ApiTimelineUserAction extends ApiBareAuthAction
{
-
var $notices = null;
+ var $next_id = null;
+
/**
* Take arguments for running
*
* @param array $args $_REQUEST args
*
* @return boolean success flag
- *
*/
-
- function prepare($args)
+ protected function prepare(array $args=array())
{
parent::prepare($args);
- $this->user = $this->getTargetUser($this->arg('id'));
+ $this->target = $this->getTargetProfile($this->arg('id'));
- if (empty($this->user)) {
- $this->clientError(_('No such user.'), 404, $this->format);
- return;
+ if (!($this->target instanceof Profile)) {
+ // TRANS: Client error displayed requesting most recent notices for a non-existing user.
+ $this->clientError(_('No such user.'), 404);
}
$this->notices = $this->getNotices();
*
* Just show the notices
*
- * @param array $args $_REQUEST data (unused)
- *
* @return void
*/
-
- function handle($args)
+ protected function handle()
{
- parent::handle($args);
- $this->showTimeline();
+ parent::handle();
+
+ if ($this->isPost()) {
+ $this->handlePost();
+ } else {
+ $this->showTimeline();
+ }
}
/**
*
* @return void
*/
-
function showTimeline()
{
- $profile = $this->user->getProfile();
-
// We'll use the shared params from the Atom stub
// for other feed types.
- $atom = new AtomUserNoticeFeed($this->user, $this->auth_user);
+ $atom = new AtomUserNoticeFeed($this->target->getUser(), $this->auth_user);
$link = common_local_url(
- 'showstream',
- array('nickname' => $this->user->nickname)
- );
+ 'showstream',
+ array('nickname' => $this->target->nickname)
+ );
$self = $this->getSelfUri();
// FriendFeed's SUP protocol
// Also added RSS and Atom feeds
- $suplink = common_local_url('sup', null, null, $this->user->id);
+ $suplink = common_local_url('sup', null, null, $this->target->id);
header('X-SUP-ID: ' . $suplink);
+
+ // paging links
+ $nextUrl = !empty($this->next_id)
+ ? common_local_url('ApiTimelineUser',
+ array('format' => $this->format,
+ 'id' => $this->target->id),
+ array('max_id' => $this->next_id))
+ : null;
+
+ $prevExtra = array();
+ if (!empty($this->notices)) {
+ assert($this->notices[0] instanceof Notice);
+ $prevExtra['since_id'] = $this->notices[0]->id;
+ }
+
+ $prevUrl = common_local_url('ApiTimelineUser',
+ array('format' => $this->format,
+ 'id' => $this->target->id),
+ $prevExtra);
+ $firstUrl = common_local_url('ApiTimelineUser',
+ array('format' => $this->format,
+ 'id' => $this->target->id));
+
switch($this->format) {
case 'xml':
$this->showXmlTimeline($this->notices);
break;
case 'rss':
$this->showRssTimeline(
- $this->notices,
- $atom->title,
- $link,
- $atom->subtitle,
- $suplink,
- $atom->logo,
- $self
- );
+ $this->notices,
+ $atom->title,
+ $link,
+ $atom->subtitle,
+ $suplink,
+ $atom->logo,
+ $self
+ );
break;
case 'atom':
-
header('Content-Type: application/atom+xml; charset=utf-8');
$atom->setId($self);
$atom->setSelfLink($self);
+
+ // Add navigation links: next, prev, first
+ // Note: we use IDs rather than pages for navigation; page boundaries
+ // change too quickly!
+
+ if (!empty($this->next_id)) {
+ $atom->addLink($nextUrl,
+ array('rel' => 'next',
+ 'type' => 'application/atom+xml'));
+ }
+
+ if (($this->page > 1 || !empty($this->max_id)) && !empty($this->notices)) {
+ $atom->addLink($prevUrl,
+ array('rel' => 'prev',
+ 'type' => 'application/atom+xml'));
+ }
+
+ if ($this->page > 1 || !empty($this->since_id) || !empty($this->max_id)) {
+ $atom->addLink($firstUrl,
+ array('rel' => 'first',
+ 'type' => 'application/atom+xml'));
+
+ }
+
$atom->addEntryFromNotices($this->notices);
$this->raw($atom->getString());
case 'json':
$this->showJsonTimeline($this->notices);
break;
- default:
- $this->clientError(_('API method not found.'), $code = 404);
+ case 'as':
+ header('Content-Type: ' . ActivityStreamJSONDocument::CONTENT_TYPE);
+ $doc = new ActivityStreamJSONDocument($this->auth_user);
+ $doc->setTitle($atom->title);
+ $doc->addLink($link, 'alternate', 'text/html');
+ $doc->addItemsFromNotices($this->notices);
+
+ if (!empty($this->next_id)) {
+ $doc->addLink($nextUrl,
+ array('rel' => 'next',
+ 'type' => ActivityStreamJSONDocument::CONTENT_TYPE));
+ }
+
+ if (($this->page > 1 || !empty($this->max_id)) && !empty($this->notices)) {
+ $doc->addLink($prevUrl,
+ array('rel' => 'prev',
+ 'type' => ActivityStreamJSONDocument::CONTENT_TYPE));
+ }
+
+ if ($this->page > 1 || !empty($this->since_id) || !empty($this->max_id)) {
+ $doc->addLink($firstUrl,
+ array('rel' => 'first',
+ 'type' => ActivityStreamJSONDocument::CONTENT_TYPE));
+ }
+
+ $this->raw($doc->asString());
break;
+ default:
+ // TRANS: Client error displayed when coming across a non-supported API method.
+ $this->clientError(_('API method not found.'), 404);
}
-
}
/**
*
* @return array notices
*/
-
function getNotices()
{
$notices = array();
- $notice = $this->user->getNotices(
- ($this->page-1) * $this->count, $this->count,
- $this->since_id, $this->max_id
- );
+ $notice = $this->target->getNotices(($this->page-1) * $this->count,
+ $this->count + 1,
+ $this->since_id,
+ $this->max_id,
+ $this->scoped);
while ($notice->fetch()) {
- $notices[] = clone($notice);
+ if (count($notices) < $this->count) {
+ $notices[] = clone($notice);
+ } else {
+ $this->next_id = $notice->id;
+ break;
+ }
}
return $notices;
}
/**
- * Is this action read only?
+ * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
*
* @param array $args other arguments
*
* @return boolean true
*/
- function isReadOnly($args)
+ function isReadOnly(array $args=array())
{
- return true;
+ return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
}
/**
*
* @return string datestamp of the latest notice in the stream
*/
-
function lastModified()
{
if (!empty($this->notices) && (count($this->notices) > 0)) {
*
* @return string etag
*/
-
function etag()
{
if (!empty($this->notices) && (count($this->notices) > 0)) {
-
$last = count($this->notices) - 1;
return '"' . implode(
- ':',
- array($this->arg('action'),
- common_user_cache_hash($this->auth_user),
- common_language(),
- $this->user->id,
- strtotime($this->notices[0]->created),
- strtotime($this->notices[$last]->created))
- )
- . '"';
+ ':',
+ array($this->arg('action'),
+ common_user_cache_hash($this->auth_user),
+ common_language(),
+ $this->target->id,
+ strtotime($this->notices[0]->created),
+ strtotime($this->notices[$last]->created))
+ )
+ . '"';
}
return null;
}
+ function handlePost()
+ {
+ if (empty($this->auth_user) ||
+ $this->auth_user->id != $this->target->id) {
+ // TRANS: Client error displayed trying to add a notice to another user's timeline.
+ $this->clientError(_('Only the user can add to their own timeline.'));
+ }
+
+ // Only handle posts for Atom
+ if ($this->format != 'atom') {
+ // TRANS: Client error displayed when using another format than AtomPub.
+ $this->clientError(_('Only accept AtomPub for Atom feeds.'));
+ }
+
+ $xml = trim(file_get_contents('php://input'));
+ if (empty($xml)) {
+ // TRANS: Client error displayed attempting to post an empty API notice.
+ $this->clientError(_('Atom post must not be empty.'));
+ }
+
+ $old = error_reporting(error_reporting() & ~(E_WARNING | E_NOTICE));
+ $dom = new DOMDocument();
+ $ok = $dom->loadXML($xml);
+ error_reporting($old);
+ if (!$ok) {
+ // TRANS: Client error displayed attempting to post an API that is not well-formed XML.
+ $this->clientError(_('Atom post must be well-formed XML.'));
+ }
+
+ if ($dom->documentElement->namespaceURI != Activity::ATOM ||
+ $dom->documentElement->localName != 'entry') {
+ // TRANS: Client error displayed when not using an Atom entry.
+ $this->clientError(_('Atom post must be an Atom entry.'));
+ }
+
+ $activity = new Activity($dom->documentElement);
+
+ $saved = null;
+
+ if (Event::handle('StartAtomPubNewActivity', array(&$activity, $this->target->getUser(), &$saved))) {
+ if ($activity->verb != ActivityVerb::POST) {
+ // TRANS: Client error displayed when not using the POST verb. Do not translate POST.
+ $this->clientError(_('Can only handle POST activities.'));
+ }
+
+ $note = $activity->objects[0];
+
+ if (!in_array($note->type, array(ActivityObject::NOTE,
+ ActivityObject::BLOGENTRY,
+ ActivityObject::STATUS))) {
+ // TRANS: Client error displayed when using an unsupported activity object type.
+ // TRANS: %s is the unsupported activity object type.
+ $this->clientError(sprintf(_('Cannot handle activity object type "%s".'),
+ $note->type));
+ }
+
+ $saved = $this->postNote($activity);
+
+ Event::handle('EndAtomPubNewActivity', array($activity, $this->target->getUser(), $saved));
+ }
+
+ if (!empty($saved)) {
+ header('HTTP/1.1 201 Created');
+ header("Location: " . common_local_url('ApiStatusesShow', array('id' => $saved->id,
+ 'format' => 'atom')));
+ $this->showSingleAtomStatus($saved);
+ }
+ }
+
+ function postNote($activity)
+ {
+ $note = $activity->objects[0];
+
+ // Use summary as fallback for content
+
+ if (!empty($note->content)) {
+ $sourceContent = $note->content;
+ } else if (!empty($note->summary)) {
+ $sourceContent = $note->summary;
+ } else if (!empty($note->title)) {
+ $sourceContent = $note->title;
+ } else {
+ // @fixme fetch from $sourceUrl?
+ // TRANS: Client error displayed when posting a notice without content through the API.
+ // TRANS: %d is the notice ID (number).
+ $this->clientError(sprintf(_('No content for notice %d.'), $note->id));
+ }
+
+ // Get (safe!) HTML and text versions of the content
+
+ $rendered = $this->purify($sourceContent);
+ $content = common_strip_html($rendered);
+
+ $shortened = $this->auth_user->shortenLinks($content);
+
+ $options = array('is_local' => Notice::LOCAL_PUBLIC,
+ 'rendered' => $rendered,
+ 'replies' => array(),
+ 'groups' => array(),
+ 'tags' => array(),
+ 'urls' => array());
+
+ // accept remote URI (not necessarily a good idea)
+
+ common_debug("Note ID is {$note->id}");
+
+ if (!empty($note->id)) {
+ $notice = Notice::getKV('uri', trim($note->id));
+
+ if (!empty($notice)) {
+ // TRANS: Client error displayed when using another format than AtomPub.
+ // TRANS: %s is the notice URI.
+ $this->clientError(sprintf(_('Notice with URI "%s" already exists.'), $note->id));
+ }
+ common_log(LOG_NOTICE, "Saving client-supplied notice URI '$note->id'");
+ $options['uri'] = $note->id;
+ }
+
+ // accept remote create time (also maybe not such a good idea)
+
+ if (!empty($activity->time)) {
+ common_log(LOG_NOTICE, "Saving client-supplied create time {$activity->time}");
+ $options['created'] = common_sql_date($activity->time);
+ }
+
+ // Check for optional attributes...
+
+ if ($activity->context instanceof ActivityContext) {
+
+ foreach ($activity->context->attention as $uri=>$type) {
+ try {
+ $profile = Profile::fromUri($uri);
+ if ($profile->isGroup()) {
+ $options['groups'][] = $profile->id;
+ } else {
+ $options['replies'][] = $uri;
+ }
+ } catch (UnknownUriException $e) {
+ common_log(LOG_WARNING, sprintf('AtomPub post with unknown attention URI %s', $uri));
+ }
+ }
+
+ // Maintain direct reply associations
+ // @fixme what about conversation ID?
+
+ if (!empty($activity->context->replyToID)) {
+ $orig = Notice::getKV('uri',
+ $activity->context->replyToID);
+ if (!empty($orig)) {
+ $options['reply_to'] = $orig->id;
+ }
+ }
+
+ $location = $activity->context->location;
+
+ if ($location) {
+ $options['lat'] = $location->lat;
+ $options['lon'] = $location->lon;
+ if ($location->location_id) {
+ $options['location_ns'] = $location->location_ns;
+ $options['location_id'] = $location->location_id;
+ }
+ }
+ }
+
+ // Atom categories <-> hashtags
+
+ foreach ($activity->categories as $cat) {
+ if ($cat->term) {
+ $term = common_canonical_tag($cat->term);
+ if ($term) {
+ $options['tags'][] = $term;
+ }
+ }
+ }
+
+ // Atom enclosures -> attachment URLs
+ foreach ($activity->enclosures as $href) {
+ // @fixme save these locally or....?
+ $options['urls'][] = $href;
+ }
+
+ $saved = Notice::saveNew($this->target->id,
+ $content,
+ 'atompub', // TODO: deal with this
+ $options);
+
+ return $saved;
+ }
+
+ function purify($content)
+ {
+ require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php';
+
+ $config = array('safe' => 1,
+ 'deny_attribute' => 'id,style,on*');
+ return htmLawed($content, $config);
+ }
}